Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/fFU1nOvAp1rSs4Piya9lGEHH2qQ.roa
File: fFU1nOvAp1rSs4Piya9lGEHH2qQ.roa (raw, json)
Hash identifier: 2ngeI6kdV66tUb5OqMLCCP5yBBWk//A11XWcWwTz/1M=
Subject key identifier: 7C:55:35:9C:EB:C0:A7:5A:D2:B3:83:E2:C9:AF:65:18:41:C7:DA:A4
Certificate issuer: /CN=412ac83a27ca8723c61b1446c3e678110c650689
Certificate serial: 019427B618F228E654CC6E80675E13BF1FC2
Authority key identifier: 41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/fFU1nOvAp1rSs4Piya9lGEHH2qQ.roa
Signing time: Thu 02 Jan 2025 15:50:32 +0000
ROA not before: Thu 02 Jan 2025 15:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24632
IP address blocks: 193.111.108.0/22 maxlen: 22
193.111.112.0/23 maxlen: 23
194.9.168.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:18:f2:28:e6:54:cc:6e:80:67:5e:13:bf:1f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412ac83a27ca8723c61b1446c3e678110c650689
Validity
Not Before: Jan 2 15:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c55359cebc0a75ad2b383e2c9af651841c7daa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cb:9f:44:b1:38:3b:06:ce:ad:ea:42:70:7d:
1b:5e:35:c5:5a:27:08:cf:29:84:7c:fd:a5:55:27:
07:17:ac:87:80:3f:e1:08:4a:26:98:6e:fa:3c:cc:
54:e1:8e:5a:35:70:31:16:77:d8:26:79:12:38:00:
1b:b5:3c:d4:04:5a:27:d1:d5:11:6e:35:8b:a9:40:
48:e0:90:75:cc:e7:4a:09:42:41:92:02:a9:cd:96:
53:af:16:93:3b:18:eb:f8:83:eb:3f:2f:f1:1d:02:
18:4f:2b:b6:55:0a:dd:e1:4c:89:e5:cf:f4:f5:21:
5a:01:50:54:91:ab:9b:50:10:7f:84:c0:19:6f:98:
b2:1e:d6:a7:5f:a3:e0:b7:d6:2f:76:dd:a7:c5:02:
1e:33:a3:2a:ce:69:a4:4c:57:1f:69:7a:4a:bf:13:
59:70:03:ae:cf:14:bb:31:d7:6d:f5:03:90:17:63:
c9:03:87:bc:5b:3a:65:6b:f0:de:8d:b4:10:f6:35:
03:b1:94:f9:b2:5d:16:05:20:c9:28:4a:4c:d2:d2:
30:49:53:97:6d:2e:ce:b7:90:53:00:f1:65:84:ca:
79:95:44:97:e8:10:3f:13:60:e4:97:ea:79:91:03:
29:58:31:f9:60:1f:d8:c0:6e:94:c7:a8:74:cc:fc:
31:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:55:35:9C:EB:C0:A7:5A:D2:B3:83:E2:C9:AF:65:18:41:C7:DA:A4
X509v3 Authority Key Identifier:
keyid:41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/fFU1nOvAp1rSs4Piya9lGEHH2qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.108.0-193.111.113.255
194.9.168.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:89:bf:ad:1e:ba:73:45:9f:4d:a8:cd:9c:ef:ab:4d:37:ce:
2a:6c:29:b3:82:4b:10:47:5e:7e:4f:7b:47:cb:4c:5b:76:a8:
d9:83:f2:18:5e:f3:16:d7:6a:b8:5c:4d:6c:db:d8:84:78:8b:
51:86:f4:0e:f2:64:bd:9a:05:5b:60:56:09:08:a7:f3:ab:98:
57:2f:1e:a1:7d:20:3a:82:47:c1:a0:1f:91:38:1d:2d:09:b7:
0c:6f:1f:7b:2b:1e:b7:9a:30:4c:00:0c:e3:1c:32:0e:3f:4d:
9e:bb:a9:00:3e:1c:5b:a4:40:e7:cf:d0:df:7e:66:00:99:44:
12:81:81:eb:fb:9e:38:4a:a4:9c:79:81:04:53:86:df:4c:e1:
f4:9c:ff:ae:57:93:ea:d7:bf:54:91:fb:cb:2e:db:83:fb:af:
a4:77:3f:db:09:47:9a:de:b2:f4:03:0b:76:d3:dc:59:87:ed:
ce:d8:3f:ec:3e:99:a3:b0:6a:5f:d9:bf:23:58:cc:b4:b9:00:
58:7c:3a:71:d3:e3:8f:27:b6:77:0d:c4:93:1f:4a:7a:ab:13:
50:6c:42:bf:a0:78:bb:a3:49:5d:13:0a:1c:99:f1:78:71:e3:
af:38:e1:8e:d6:71:86:17:c7:62:f4:70:08:8b:dd:bf:83:49:
cc:7c:08:40
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnthjyKOZUzG6AZ14Tvx/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmFjODNhMjdjYTg3MjNjNjFiMTQ0NmMzZTY3ODExMGM2
NTA2ODkwHhcNMjUwMTAyMTU1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU1MzU5Y2ViYzBhNzVhZDJiMzgzZTJjOWFmNjUxODQxYzdkYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksufRLE4OwbOrepCcH0bXjXFWicI
zymEfP2lVScHF6yHgD/hCEommG76PMxU4Y5aNXAxFnfYJnkSOAAbtTzUBFon0dUR
bjWLqUBI4JB1zOdKCUJBkgKpzZZTrxaTOxjr+IPrPy/xHQIYTyu2VQrd4UyJ5c/0
9SFaAVBUkaubUBB/hMAZb5iyHtanX6Pgt9Yvdt2nxQIeM6MqzmmkTFcfaXpKvxNZ
cAOuzxS7Mddt9QOQF2PJA4e8Wzpla/DejbQQ9jUDsZT5sl0WBSDJKEpM0tIwSVOX
bS7Ot5BTAPFlhMp5lUSX6BA/E2Dkl+p5kQMpWDH5YB/YwG6Ux6h0zPwxOQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHxVNZzrwKda0rOD4smvZRhBx9qkMB8GA1UdIwQY
MBaAFEEqyDonyocjxhsURsPmeBEMZQaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5Mzct
MWY4NTZjMDkzYWU4LzEvZkZVMW5PdkFwMXJTczRQaXlhOWxHRUhIMnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5MzctMWY4NTZjMDkzYWU4
LzEvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALBb2wD
BAHBb3ADBAHCCagwDQYJKoZIhvcNAQELBQADggEBABuJv60eunNFn02ozZzvq003
zipsKbOCSxBHXn5Pe0fLTFt2qNmD8hhe8xbXarhcTWzb2IR4i1GG9A7yZL2aBVtg
VgkIp/OrmFcvHqF9IDqCR8GgH5E4HS0JtwxvH3srHreaMEwADOMcMg4/TZ67qQA+
HFukQOfP0N9+ZgCZRBKBgev7njhKpJx5gQRTht9M4fSc/65Xk+rXv1SR+8su24P7
r6R3P9sJR5resvQDC3bT3FmH7c7YP+w+maOwal/ZvyNYzLS5AFh8OnHT448ntncN
xJMfSnqrE1BsQr+geLujSV0TChyZ8Xhx46844Y7WcYYXx2L0cAiL3b+DScx8CEA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:25 2025 by rpki-client